Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
File:                     TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json)
Hash identifier:          mSGmcyN7loKEFSSWM3XvL1JKddMcFBtJkWkwKj+X15o=
Subject key identifier:   BA:25:EC:AC:F2:67:90:B7:DC:27:16:70:54:1B:02:B2:3A:2E:AD:2F
Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92
Certificate issuer:       /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
Certificate serial:       019A72261EA126D42E79AB36E9785A4543C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
Manifest number:          0C02
Signing time:             Tue 11 Nov 2025 09:01:31 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:31 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:31 +0000
Files and hashes:         1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: BEiFyhiFKiu1YXzE8Lsmr1yahXHDqaLymOtVP5LtOYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:1e:a1:26:d4:2e:79:ab:36:e9:78:5a:45:43:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
        Validity
            Not Before: Nov 11 09:01:31 2025 GMT
            Not After : Nov 12 09:01:31 2025 GMT
        Subject: CN=ba25ecacf26790b7dc271670541b02b23a2ead2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:8a:2f:0a:c6:18:fb:cb:a1:a4:55:85:7d:85:
                    26:29:87:eb:32:4f:d9:c1:2d:a4:bc:da:b6:77:95:
                    0a:4d:d3:19:86:07:4b:53:7f:cc:4d:2b:8d:61:e3:
                    59:d0:a5:2b:25:45:ce:31:a9:ba:98:cc:c9:6e:38:
                    98:ac:88:db:20:e4:66:65:38:b4:0a:4e:5a:7d:65:
                    06:93:78:7c:b6:a5:5a:97:22:24:3c:4c:2e:6a:13:
                    0c:02:03:1c:ab:9d:44:46:1e:c0:d5:93:29:6b:51:
                    38:e7:dc:af:dc:11:ae:bc:c8:8e:e3:36:66:05:7f:
                    7a:ec:75:4a:5b:45:c0:24:ed:fb:be:00:03:e5:f9:
                    6a:6e:47:19:51:81:8f:d3:ca:d7:a0:c2:c7:9a:16:
                    04:4c:97:b5:ae:0c:22:64:7e:a4:53:e3:e8:fc:6b:
                    2c:e0:9d:ca:ac:c2:a9:4b:75:47:6b:38:3c:86:d1:
                    e1:6b:99:5d:e3:87:e4:33:98:d1:cb:60:db:59:d2:
                    6c:70:e7:80:56:c0:a7:33:c7:70:33:f0:92:36:65:
                    d2:af:50:30:96:b7:ca:d2:b9:22:35:17:58:fd:80:
                    d4:04:7a:72:c6:87:73:e4:07:a9:9b:61:45:33:e7:
                    0b:7f:17:85:a0:d2:1f:4f:7b:b6:d3:f1:af:b2:9a:
                    89:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:25:EC:AC:F2:67:90:B7:DC:27:16:70:54:1B:02:B2:3A:2E:AD:2F
            X509v3 Authority Key Identifier:
                keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:44:b9:2e:bf:29:a4:4a:d5:43:b6:55:17:e6:a3:ae:98:d6:
         2e:30:19:0d:cf:58:56:35:c0:66:e0:a1:f0:ac:d6:71:f1:cd:
         9c:e9:15:d7:75:51:89:ec:49:c9:d4:6f:bb:1f:a3:f1:3d:0a:
         b0:9d:ee:fd:87:a6:17:ea:87:38:83:58:fb:e9:85:99:81:43:
         9c:fd:35:00:58:34:a6:98:ef:9a:a2:17:3c:bf:47:a1:3a:ea:
         d2:37:02:46:d0:12:2d:a0:49:fb:85:49:8b:de:a1:ac:d0:19:
         c9:41:c8:8b:5c:9e:9e:df:b6:4b:18:01:60:d2:a6:53:a1:c2:
         9e:57:48:8c:b2:48:a5:1c:7e:06:f5:eb:fd:8b:c3:d4:4a:8c:
         dd:c6:43:69:2c:18:e1:04:bd:0b:e0:bd:ef:44:9a:f1:3d:e6:
         b4:ed:55:68:49:e3:28:27:fd:7b:18:8b:3f:e0:92:a6:c9:bf:
         39:d4:02:06:c1:c4:dc:86:4d:78:89:d1:d7:2b:dd:b8:31:1d:
         10:d5:4a:3e:ed:b6:f7:1f:26:02:84:f0:b6:8d:96:64:fc:94:
         1c:bf:19:60:db:c6:ca:7a:5e:2e:1b:36:22:9c:d9:00:7e:28:
         92:30:ca:0d:fe:f6:81:16:d8:35:1f:28:d4:30:00:a2:42:6e:
         ff:b0:bd:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJh6hJtQueas26XhaRUPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx
Mzk0OTIwHhcNMjUxMTExMDkwMTMxWhcNMjUxMTEyMDkwMTMxWjAzMTEwLwYDVQQD
EyhiYTI1ZWNhY2YyNjc5MGI3ZGMyNzE2NzA1NDFiMDJiMjNhMmVhZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYovCsYY+8uhpFWFfYUmKYfrMk/Z
wS2kvNq2d5UKTdMZhgdLU3/MTSuNYeNZ0KUrJUXOMam6mMzJbjiYrIjbIORmZTi0
Ck5afWUGk3h8tqValyIkPEwuahMMAgMcq51ERh7A1ZMpa1E459yv3BGuvMiO4zZm
BX967HVKW0XAJO37vgAD5flqbkcZUYGP08rXoMLHmhYETJe1rgwiZH6kU+Po/Gss
4J3KrMKpS3VHazg8htHha5ld44fkM5jRy2DbWdJscOeAVsCnM8dwM/CSNmXSr1Aw
lrfK0rkiNRdY/YDUBHpyxodz5Aepm2FFM+cLfxeFoNIfT3u20/GvspqJHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLol7KzyZ5C33CcWcFQbArI6Lq0vMB8GA1UdIwQY
MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt
NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1
LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckS5Lr8p
pErVQ7ZVF+ajrpjWLjAZDc9YVjXAZuCh8KzWcfHNnOkV13VRiexJydRvux+j8T0K
sJ3u/YemF+qHOINY++mFmYFDnP01AFg0ppjvmqIXPL9HoTrq0jcCRtASLaBJ+4VJ
i96hrNAZyUHIi1yent+2SxgBYNKmU6HCnldIjLJIpRx+BvXr/YvD1EqM3cZDaSwY
4QS9C+C970Sa8T3mtO1VaEnjKCf9exiLP+CSpsm/OdQCBsHE3IZNeInR1yvduDEd
ENVKPu229x8mAoTwto2WZPyUHL8ZYNvGynpeLhs2IpzZAH4okjDKDf72gRbYNR8o
1DAAokJu/7C9qA==
-----END CERTIFICATE-----